CLAIMS 



1 . A method for facilitating remote access by a mail client to a mail server 
via an intermediary server, said method comprising: 

5 (a) receiving a mail access request at the intermediary server, the mail 

access request being sent to the intermediary server from the mail client for a 
requestor; 

(b) receiving a password associated with the mail access request; 

(c) authenticating the requestor with the mail server based on the 
10 received password; 

(d) authenticating the requestor with an authentication server based on 
the received password, the authentication server being associated with a 
private network that includes the mail server; and 

(e) permitting the mail access request when both the mail server and 
15 the authentication server authenticate the requestor. 

2. A method as recited in claim 1, wherein a mail server password and an 
authentication server password arejncluded in or derived from the received 
password, 

20 wherein said authenticating (c) authenticates the requestor with the 

mail server using the mail server password, and 

wherein said authenticating (d) authenticates the requestor with the 
authentication server using the authentication server password. 

25 3. A method as recited in claim 1 , wherein said authenticating (d) 
comprises: 

(d1) retrieving a previously stored hashed password associated with 
the requestor or the mail client; 

(d2) determining whether a hashed version of the received password 
so matches the previously stored hashed password; 
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(d3) authenticating the requestor with the authentication server based 
on the received password; and 

(d4) bypassing said authenticating (d3) and treating the received 
password has having been authenticated when said determining (d2) 
5 determines that the hashed version of the received password matches the 
previously stored hashed password. 

4. A method as recited in claim 3, wherein a mail server password and an 
authentication server password are included in or derived from the received 

io password, 

wherein said authenticating (c) authenticates the requestor with the 
mail server using the mail server password, and 

wherein said authenticating (d) authenticates the requestor with the 
authentication server using the authentication server password. 

15 

5. A method as recited in claim 3, 

wherein said receiving (d1) further includes at least retrieving a time 
last authorized by the authentication server, and 
wherein said method further comprises: 
20 (d5) determining whether the time last authorized by the 

authentication server exceeds a first predetermined duration; and 

(d6) preventing said bypassing (d4) from bypassing said 
authenticating (d3) when said determining (d5) determines that the time last 
authorized by the authentication server exceeds the first predetermined 
25 duration. 

6. A method as recited in claim 5, wherein the first predetermined 
duration is a maximum session duration. 

30 7. A method as recited in claim 5, wherein a mail server password and an 
authentication server password are included in or derived from the received 
password, 
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wherein said authenticating (c) authenticates the requestor with the 
maii server using the mail server password, and 

wherein said authenticating (d) authenticates the requestor with the 
authentication server using the authentication server password. 

8. A method as recited in claim 3, 

wherein said receiving (d1) further includes at least retrieving a time 
last used password, and 

wherein said method further comprises: 

(d5) determining whether the time last used password exceeds 
a second predetermined duration; and 

(d6) preventing said bypassing (d4) from bypassing said 
authenticating (d3) when said determining (d5) determines that the time last 
used password exceeds the second predetermined duration. 

9. A method as recited in claim 8, wherein the second predetermined 
duration is a maximum idle duration. 

10. A method as recited in claim 9, wherein a mail server password and an 
authentication server password are included in or derived from the received 
password, 

wherein said authenticating (c) authenticates the requestor with the 
mail server using the mail server password, and 

wherein said authenticating (d) authenticates the requestor with the 
authentication server using the authentication server password. 

11. A method for authenticating a requestor of a remote mail client seeking 
access to a mail server, said method comprising: 

(a) receiving a password from the remote mail client; 

(b) retrieving a previously stored hashed password; 

(c) determining whether a hashed version of the received password 
matches the previously stored hashed password; 
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(d) authenticating the requestor with the mail server based on the 
received password; and 

(e) further authenticating the requestor with an authentication server 
based on the received password when said determining (c) determines that 
the hashed version of the received password does not match the previously 
stored hashed password, the authentication server being associated with a 
private network that includes the mail server. 

1 2. A method as recited in claim 1 1 , wherein the received password is an 
authentication password, and wherein the authentication password serves to 
authenticate the requestor or the remote mail client to the authentication 
server. 

13. A method as recited in claim 1 1 , 

wherein said receiving (a) further receives a time last authorized by 
the authentication server, 

wherein said determining (c) further determines whether the time since 
the time last authorized by the authentication server exceeds a first 
predetermined duration, and 

wherein said authenticating (e) is performed when said determining (c) 
determines that the time since the time last authorized by the authentication 
server exceeds the first predetermined duration, regardless of whether said 
determining (c) determines that the hashed version of the received password 
matches the previously stored hashed password. 

14. A method as recited in claim 1 1 , 

wherein said receiving (a) further receives a time last used password, 
wherein said determining (c) further determines whether the time since 
the time last used password exceeds a second predetermined duration, and 

wherein said authenticating (e) is performed when said determining (c) 
determines that the time since the time last used password exceeds the 
second predetermined duration, regardless of whether said determining (c) 
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determines that the hashed version of the received password matches the 
previously stored hashed password. 

15. A method as recited in claim 1 1 , 

wherein said receiving (a) further receives a time last authorized by 
the authentication server and a time last used password, 

wherein said determining (c) further determines whether the time since 
the time last authorized by the authentication server exceeds a first 
predetermined duration and whether the time since the time last used 
password exceeds a second predetermined duration, and 

wherein said authenticating (e) is performed when said determining (c) 
determines that the time since the time last authorized by the authentication 
server exceeds the first predetermined duration or that the time since the time 
last used password exceeds the second predetermined duration, regardless 
of whether said determining (c) determines that the hashed version of the 
received password matches the previously stored hashed password. 

16. A method as recited in claim 1 5, wherein the received password is an 
authentication password, and wherein the authentication password serves to 
authenticate the requestor or the remote mail client to the authentication 
server. 

17. A method as recited in claim 15, wherein the first predetermined 
duration is a maximum session duration, and wherein the second 
predetermined duration is a maximum idle duration. 

18. A computer readable medium including at least computer program 
code for facilitating remote access by a mail client to a mail server via an 
intermediary server, said computer readable medium comprising: 

computer program code for receiving a mail access request at the 
intermediary server, the mail access request being sent to the intermediary 
server from the mail client for a requestor; 
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computer program code for receiving a password associated with the 
mail access request; 

computer program code for authenticating the requestor with the mail 
server based on the received password; 

computer program code for authenticating the requestor with an 
authentication server based on the received password, the authentication 
server being associated with a private network that includes the mail server; 
and 

computer program code for permitting the mail access request when 
both the mail server and the authentication server authenticate the requestor. 

19. A computer readable medium as recited in claim 18, wherein a mail 
server password and an authentication server password are included in or 
derived from the received password, 

wherein said computer program code for authenticating operates to 
authenticate the requestor with the mail server using the mail server 
password, and 

wherein said computer program code for authenticating operates to 
authenticate the requestor with the authentication server using the 
authentication server password. 

20. A computer readable medium as recited in claim 18, wherein said 
computer program code for authenticating comprises: 

computer program code for retrieving a previously stored hashed 
password associated with the requestor or the mail client; 

computer program code for determining whether a hashed version of 
the received password matches the previously stored hashed password; 

computer program code for authenticating the requestor with the 
authentication server based on the received password; and 

computer program code for bypassing the authenticating and treating 
the received password has having been authenticated when said computer 
program code for determining determines that the hashed version of the 
received password matches the previously stored hashed password. 
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21 . A computer readable medium including at least computer program 
code for authenticating a requestor of a remote mail client seeking access to 
a mail server, said computer readable medium comprising: 

computer program code for receiving a password from the remote mail 

client; 

computer program code for retrieving a previously stored hashed 
password; 

computer program code for determining whether a hashed version of 
the received password matches the previously stored hashed password; 

computer program code for authenticating the requestor with the mail 
server based on the received password; and 

computer program code for authenticating the requestor with an 
authentication server based on the received password when said computer 
program code for determining determines that the hashed version of the 
received password does not match the previously stored hashed password, 
the authentication server being associated with a private network that 
includes the mail server. 

22. A computer readable medium as recited in claim 21 , wherein the 
received password is an authentication password, and wherein the 
authentication password serves to authenticate the requestor or the remote 
mail client to the authentication server. 

23. A computer readable medium as recited in claim 21 , 

wherein said computer program code for receiving further receives a 
time last authorized by the authentication server, 

wherein said computer program code for determining further 
determines whether the time since the time last authorized by the 
authentication server exceeds a predetermined duration, and 

wherein the authenticating is performed by said computer program 
code for authenticating when said computer program code for determining 
determines that the time since the time last authorized by the authentication 



Att. Diet. No.: DANAP006 



49 



server exceeds the predetermined duration, regardless of whether said 
computer program code for determining determines that the hashed version 
of the received password matches the previously stored hashed password. 
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